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REMARKS 

Claims 1-22 are pending in this application. By this Amendment, claims 1, 9-13> 17 and 
20 are amended, and claim 22 is added. 

No new matter is presented by this Amendment. Support for the amendments may be 
found, for example, in the Abstract and in paragraphs 0009, 0012, 002U 0041-0048, and 0094 of 
the published patent application US 2003/0105981 and in the drawings, for example. 

Applicant respectfully requests reconsideration of the application. 

A. The 35 U.S.C SlOl Rejection 

In the Office Acdon, claim 10 is rejected under 35 U.S.C. 101. The Office Action asserts 
that the claimed invention is directed to non-statutory subject matter, and that it is not tangibly 
embodied as it is only software per se. The Office Action suggests that the claimed subject 
matter "computer executable software code should be changed to ''computer executable code 
stored on a computer-readable medium ... 

Applicant has amended the claim in response to the Examiner's comments and 
suggestion. It is respectfully submitted that the claims satisfy all requirements of 35 U.S.C. 
§101. Withdrawal of the 35 U.S.C. §101 rejection is respectfully requested. 

B. The 35 U.S.C, §103 Rejection 

In the Office Action, claims 1-21 are rejected under 35 U-S.C. 103(a) as being 
unpatentable over Gupta et al. (hereinafter Gupta) United States Letter Patent Number 6,226.752 
further in view of Makower et al. (hereinafter Makower) United States Publication Number 
2002/0184507, This rejection is respectfully traversed for the various reasons set forth below, 
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1. Clarification of the 35 U,S,C. §103 Rejection is Requested 
Applicant respectfully submits that the rejection under the applied art is improper. 
As set forth in M.P.E.P 706.02(j), 35 U.S.C. 103 authorizes a rejection where, to meet the 
claim, it is necessary to modify a single reference or to combine it with one or more other 
references, M.P,E.P 706.02G) indicates that after indicating that the rejection is under 35 U.S.C. 
103> the Examiner should set forth in the Office Action: 

(A) the relevant teachings of the prior art relied upon, preferably with reference to the 
relevant column or page number(s) and line numbcr(s) where appropriate, 

(B) the difference or differences in the claim over the applied reference(s). 

(C) the proposed modification of the applied rcfcrcncc(s) necessary to auive at the 
claimed subject matter, and 

(D) an explanation why one of ordinary skill in the art at the time the invention was made 
would have been motivated to make the proposed modification. 

M.P,E.P 706.02(j) references the well known requirements of Graham v» John Deere, 
383 U.S. 1, 148 U.S.P.Q. 459 (1966). Further, M.RE.P 706.02(j) notes that it is important for an 
Examiner to properly communicate the basis for a rejection so that the issues can be identified 
early and the Applicant can be given fair opportunity to reply. 

With respect to the present rejection under 35 U.S.C. §103, Applicant respectfully 

submits that the basis of the rejection is unclear under the analysis of Graham v. John Deere. 

Specifically, the Office Action, in particular^ asserts (on page 5) that as per claims 1,10 and 1 1 

Gupta teaches a method for validating credentials comprising: determining, at a first system that 

grants session credential based on successful authentication at the first system or successful 
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authentication at a second system, that a client does not have a valid session credential by the 
first systeni (Col. 7, lines 2-3; Col. 1 1, lines 46-49 and lines 65-66) , 

However, the Office Action asserts on page 6 that "Gupta does not explicitly disclose a 
fir&t system that grants a session credential." Accordingly, as should be appreciated, such 
statements as set forth in the Office Action are inconsistent. Further, the analysis under Graham 
V. John Deere is indeed based on such inconsistent statements. Thus, Applicant submits diat the 
analysis under Graham v. John Deere is deficient 

Based on such deficiency, withdrawal of the 35 U.S.C. §103 rejection is requested. 
2, The Motivation Set forth in the Office Action is Un5SuppQrtable 

Applicant respectfully subnuts that the motivation as set forth in the Office Action fails to 
support the proposed combination of applied art. 

The Office Action sets forth on page 6, that it would have been obvious to a person 
having ordinary skill in the art at the time the invention was made to modify the method 
disclosed by Gupta to include a method comprising a first system that grants a session credential. 
The Office Action asserts that the modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so, as suggested by, Makower 
(Page 1, paragraph 8) in order to protect confidential information and reduce inconvenience for 
the user/client in having to remember different authorizations for different servers; and that a 
user that is authenticated in a first server can access a second server without repeating the 
authentication process at the second server. 

Applicant submits that such motivation is deficient in that both Gupta and Makower 

indeed provide such capability without any such modification. That is, Gupta teaches (in the 
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Abstract) that one or more embodiments of the Gupta invention externalize the authentication 
mechanism from the application in the form of a login server; and only the login server needs to 
be configured to handle authentication mechanisms. On the other hand, Makower teaches (in the 
Abstract) the Makower invention generdUy relates to the field of secure centralized single sign- 
on and session maintenance for web servers on the Internet; and an implementation there is a 
centralized server that provides for the transparent sign-on, session managementt and session 
termination within each server in the federation of servers, and each federated server 
conununicates with the central sign-on server* 

Accordingly, the very basis of the 35 U.S.C. §103 rejection relies on an asserted alleged 
need to Oupca. However, Gupta simply does not have such need, i.e., Qupta teaches only the 
login server needs to be configured to handle authentication mechanisms. 

Based on such deficiency, withdrawal of the 35 US.C. §103 rejection is requested. 
3. The Applied Art Fails to Teach or Suggest the Claimed Invention 

Applicant submits that the teachings of Gupta and Makower, either alone of collectively, 
fail to teach or suggest the features of the claimed invention, as recited in claim L 

Claim 1 recites a mediod for validating credentials comprising determining, at a first 

system that grants session credentials based on successful authentication at the first system or 

successful authentication at a second system, that a client does not have a valid session 

credential granted by the first system; retrieving, at the first ayatem, information from a session 

token held by the client^ the infonrnition corresponding to a possible session credential for the 

second system that grants session credentials based on successful authentication at the second 

system; the first system presenting at least some of the information from the session token to 
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the second system; and the first system determining whether the client has a valid session 
credential granted by the second system; and determining at the second system whether the 
client has a valid session credential granted by the first system, so as to authenticate at the 
second system. 

Accordingly, claim 1 recites various particulars relating to the first system determining 
whether the client has a valid session credential granted by the second system* Further, claim 1 
recites determining at the second system whether the client has a valid session credential 
granted by the first system, so as to authenticate at the second system. Accordingly, such 
features reflect the nature of the invention and the advantages provided thereby. For example 
one advantage of the invention, as discussed in the application, is to provide a method and 
system to support cross-system authentication and credentialing, while maintaining the 
advantages of single system authentication and credentialing^ The features of claim 1 , i.e., the 
claimed invention, reflect such cross-system authentication and credentialing. 

Applicant submits that Gupta and Makower fail to teach or suggest the claimed 

invention as recited in claim 1 , either atone or collectedly. Telltale of the differences between 

the claimed invention and the applied art is reflected in the centralized authentication of the 

applied art. That is, as noted above, Gupta teaches (in the Abstract) that one or more 

embodiments of the Gupta invention externalize the authentication mechanism from the 

application in the form of a login server, and only the login server needs to be configured to 

handle authentication mechanisms. On the other hand, Makower teaches (in the Abstract) the 

Makower invention generally relates to the fteld of secure centralized single sign-on and session 

maintenance for web servers on the Internet; and an implementation chore is a centralized server 
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that provides for the transparent sign-on, session management, and session termination within 
each server in the federation of servers, and each federated server communicates with the 
central sign-on server* Neither Gupta nor Makower teach the cross-system authentication 
features as recited in claim 1. 

Instead, for example, Gupta teaches in column 12, lines 13-24, that if there is no valid 
session, an application server redirects the client's request to a login server at step 306. To 
redirect a request, the application server sends a redirect message (with the login server^s URL) 
back to the client's browser. The redirect message may also include the application's URL, a 
cookie for the application, and a temporary identifier. When a browtser receives a redirect 
message, the browser autonoatically sends a request to the specified URL (e.g., the login servers 
URL) without any interaction from the user along with any existing cookies (or tokens) for the 
specified URL. 

Further, Makower teaches, in paragraph 10, in an Internet implementation, a single sign- 
on protocol for use by web servers places minimal requirements on browsers, independent of 
the actual authentication mechanism used by any of the individual web servers accessed by the 
user, Makower describes authentication itself is decenuralized in this protocol, however, there 
is a centralized server that provides the means for transparent sign-on and session management 
within a federation of servers. Users authenticate themselves with any one of a group of 
federated servers, each federated server communicates with the central sign-on server so chat a 
user with a current session does not need to be reauihenticaied by other servers in the 
federation. 

In paragraph 0029, Makower teaches the client browser 42 is redirected to the central 
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siga-on server 32 (step query string parameters are preferably received by the central 
sign-on server 32: the operative federation identification, the challenge, and the web server's 
public identification (step 210). Makower goes on to describe after receiving the information 
(step 2I0)» the central sign-on server 32 auempts to recognize the client browser 42 (step 2 1 2). 
In one implementation, the central sign-on server's attempt to recognize the ch'ent browser 42 is 
via a cookie on the client browser 42. In this implementation, if no such cookie exists on the 
client browser 42, then the client browser 42 likely has not established a session on any of the 
servers of the federation (step 214). 

Further, in paragraph 22, Makower teaches in the preferred implementation, each 
federation of servers has one server that is designated as the central sign-on server 32. The 
central sign-on server 32 may be co-located with one or more of the federation servers, or it 
may be a stand*alone server providing only the central sign-on function. In this 
implementation, the central sign-on server 32 has a securely encrypted conununication channel 
with client browsers 42, 44. 48 and with all servers in the federation, for example via HTTPS 
(HTTP over SSL). The individual servers within the federation of servers may or may not be 
able to communicate with each other, however, each server in the federation has means to 
communicate with, and to authenticate the identity of clients/users. 



17 



PAGE 2I)«2'RCVDAT4/»20066:28:52PM [Eastern Daylight T^^^ 



^ APR-0Bt06 18:37 Froni:HUNTON i WILLIAMS 703-714-7416 T-565 P. 21/22 Job-237 

PATENT APPLICATION 10/026,403 
ATTORNEY docket: 72167.000570 



However, these various teachings of the applied art fail to suggest or teach the specifics 
of claim 1, and the cross-sysiem authentication features as discussed above and recited in claim 
1. Accordingly, even if it were obvious to somehow combine Gupta and Makower, which it is 
not admitted to be, such combination would still fail to suggest or teach the claimed invention, 

4, The 35 U,S.C, S103 Rejection is Unsupponable 

Accordingly, Applicant respectfiiUy submits that the applied art fails to teach or suggest 
the invention as recited in claim 1 for at least the reasons set forth above. Further. Applicant 
respectfully submits that claims 9-12, 13» 17 and 20 recite patentable subject matter for reasons 
similar to those set forth above with respect to claim 1 . 

Farther, the various dependent cimms recite patentable subject matter at icast for their 
various dependencies on the independent clain>s, as well as for the additional subject maner such 
dependent claims recite. 

New claim 22 has been added to recite further novel features of the present invention. 

C. Conclusion 

For at least the reasons outlined above, Applicant respectfully asserts that the application 
is in condition for allowance. Favorable reconsideration and allowance of the claims are 
respectfully solicited 

For any fees due in connection with filing this Response the Commissioner is hereby 
authorized to charge the undersigned's Deposit Account No. 50-0206. 
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Should the Examiner believe anything further is desirable in order to place the 
application io even better condition for allowance, the Examiner is invited to contact Applicant's 
undersigned representative at the telephone number listed below. 



Hunton & Williams 
1900 K Street, N.W.. Suite 1200 
Washington. D.C, 20006-1109 
(202) 955-1500 



Dated: APRIL 6. 2006 



Respectfully subnuned, 
HUNTON & Wid-IAJ 




James R. Voider 
"R&gi&tvmm No. 40,444 
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